1. Overview and Scope
This policy pertains to our marketplace at hutterproducts.com, including the /privacyandcookie page, mobile experiences, and support channels.
It applies to buyers, suppliers, designers, and visitors engaging with accounts, orders, AI configurators, uploads, and sustainability insights.
We adhere to the EU General Data Protection Regulation (GDPR), the Swiss Federal Act on Data Protection (FADP), the ePrivacy Directive, and the California Consumer Privacy Act as amended by the CPRA (CCPA/CPRA).
2. Company Details
Data controller: Hutter Products GmbH, Lagerstrasse 12, 8004 Zurich, Switzerland.
Swiss Chamber of Commerce Registration Number: CH-920.4.068.832-7; VAT: CHE-284.907.929.
Primary contact: privacy@hutterproducts.com | Phone: +41 71 723 12 18.
Data Protection Officer (DPO): privacy@hutterproducts.com.
Representative in the EU (for GDPR Art. 27): Hutter Products GmbH, c/o Hutter Products EU Services, 120 Rue de Lausanne, 1202 Geneva, Switzerland/EU liaison office.
3. Data We Gather
We only collect the data necessary to operate the marketplace in a responsible and lawful manner.
Personal and account data: names, job titles, company details, billing and shipping addresses, emails, phone numbers, login credentials (hashed), marketing preferences.
Transaction and logistics data: orders, invoices, payment confirmations, refund history, customs declarations, carrier tracking updates, proof of delivery.
Design and upload content: user-generated logos, artwork, fonts, brand guidelines, AI prompts, real-time 3D previews, version history, annotations, and moderation flags.
Sustainability metrics: carbon footprint calculations, recycled content scores, certification evidence, aggregated eco-impact dashboards.
Device and usage data: IP addresses (shortened where feasible), browser and OS details, session logs, error reports, interaction data within AI configurators, support chats, and feedback forms.
Consent and compliance data: cookie choices, marketing opt-ins or opt-outs, acceptance of Terms, fraud and sanctions screening results.
We do not intentionally collect sensitive personal data (e.g., health information, biometric identifiers). Please refrain from uploading such information.
4. AI Design Tools and Automated Decisions
Our AI 3D configurators handle prompts, design selections, and uploads to create previews, suggest materials, and simplify approvals.
Automated checks identify potential infringements (e.g., offensive or trademarked content) and direct them to a human review team before any decision affects your order.
We carry out and review Data Protection Impact Assessments (DPIAs) for AI features, test for bias, and document mitigation measures.
You can request a human review of an AI-driven outcome or ask for an explanation of how your data influenced a recommendation by emailing privacy@hutterproducts.com.
5. How We Use Personal Data
To provide essential services: register accounts, verify suppliers, manage catalogues, fulfil orders, arrange shipping, process payments, and handle returns (contract necessity).
To facilitate collaboration: share design briefs, sustainability metrics, and status updates between buyers and suppliers (contract + legitimate interest).
To enhance AI personalisation: remember configurations, render previews, store approved assets, and suggest eco-friendly alternatives (legitimate interest; consent where local law requires).
To offer sustainability tracking: calculate emissions, generate eco-impact dashboards, and compile anonymised environmental reports (legitimate interest + consent for optional analytics cookies).
To secure the platform: authenticate sessions, detect fraud, enforce Terms, and monitor for misuse (legitimate interest and legal obligation).
To communicate: send order updates, service notices, surveys, and marketing emails. Marketing to EU/Swiss users is based on consent; all users can opt out at any time.
To fulfil legal and regulatory obligations: maintain tax and accounting records, comply with customs and product safety regulations, and respond to lawful requests (legal obligation).
6. Lawful Bases and Consent Management
Contract necessity encompasses account management, orders, supplier onboarding, and delivery workflows.
Legitimate interests encompass platform security, product enhancement, sustainability analytics, and responsible marketing to our existing customers. We carefully weigh these interests against your rights.
Consent applies to email and SMS marketing in the EU/EEA/Switzerland, optional profile data, and non-essential cookies or trackers. You can withdraw your consent at any time without impacting any lawful processing that occurred prior to your withdrawal.
Legal obligations include tax, accounting, customs compliance, sanctions screening, and responding to regulators.
Our cookie banner obtains detailed consent for analytics, personalisation, advertising, and sustainability tracking cookies in accordance with GDPR and the ePrivacy Directive.
7. Cookies and Similar Technologies
We use cookies, local storage, pixels, and device identifiers to operate the site, enhance performance, personalise experiences, and report sustainability metrics.
Essential cookies load automatically. Analytics, personalisation, advertising, and sustainability cookies load only after you provide consent via the banner or preferences centre.
We rely on privacy-conscious analytics providers (e.g., Matomo, Plausible) configured with IP masking and restricted data retention.
8. Cookie Categories Overview
Cookie Type | Purpose | Examples | Retention | Consent Required
Essential (Strictly Necessary) | Maintain sessions, security, accessibility, cookie preferences | session_id, csrf_token | Session for 12 months | No (legitimate interest)
Analytics and Performance | Measure visits, identify errors, enhance UX | Matomo visitor_id, Plausible metrics | Up to 13 months | Yes
Personalisation | Save configurator settings, remember recent designs, tailor dashboards | design_pref, ai_material_choice | Up to 12 months | Yes
Advertising and Social | Measure campaign reach, prevent duplication, manage retargeting | LinkedIn Insight tag, Google Ads conversion | 3 to 6 months | Yes
Sustainability Tracking | Aggregate carbon savings and recycled content metrics | eco_dashboard, impact_session | Up to 24 months | Yes
9. Managing Cookies and Preferences
You can update your consent preferences at any time via the "Manage cookies" link located in the footer of the site.
Most browsers allow you to block or delete cookies; instructions differ by provider. Blocking essential cookies may restrict access to secure areas or configurator features.
Opt out of advertising trackers through industry portals like Your Online Choices (EU) and the Network Advertising Initiative (US).
10. Sharing and International Transfers
We only share personal data with vetted partners who require it to deliver services on our behalf.
Key recipients: certified suppliers and manufacturers, logistics and warehousing partners, payment processors, cloud hosting and AI infrastructure providers, sustainability analytics vendors, professional advisors, and auditors.
We require written data processing agreements, confidentiality, and security standards that comply with GDPR and Swiss FADP expectations.
If data is transferred outside Switzerland or the EU/EEA, we rely on adequacy decisions where applicable, or on the EU Standard Contractual Clauses with Swiss addenda and additional safeguards (encryption, access controls, transfer risk assessments).
You can request copies of transfer safeguards by contacting privacy@hutterproducts.com.
11. Data Security and Breach Response
We encrypt data in transit (TLS 1.2+) and at rest, operate on secure infrastructure, and implement role-based access controls with multi-factor authentication for our team members.
We carry out regular penetration tests, vendor security assessments, and incident response simulations for AI and marketplace systems.
If a personal data breach takes place, we will inform affected individuals and relevant supervisory authorities without undue delay, in accordance with GDPR Articles 33 and 34, the Swiss FADP, and applicable US state laws.
12. Data Retention
Account, order, and financial records: retained for the duration of the business relationship plus up to 10 years to comply with Swiss and EU statutory requirements.
Design files, AI prompts, and previews: stored for the duration of the active project lifecycle plus 24 months, unless you delete them sooner or request their removal.
Sustainability analytics containing identifiable data: retained for 36 months; aggregated or anonymised metrics may be kept for a longer period.
Support tickets, chat transcripts, and audit logs: retained for up to 24 months unless legal obligations necessitate longer storage.
Marketing consent records: retained for five years from the last interaction to demonstrate compliance.
13. Your Rights in the EU, EEA, and Switzerland
You can exercise these rights by emailing privacy@hutterproducts.com or by using your account settings.
- Access: request a copy of the personal data we hold about you.
- Rectification: correct inaccurate or incomplete data.
- Erasure: request us to delete data when it is no longer required or when you withdraw your consent.
- Restriction: limit how we process data in certain circumstances.
- Objection: object to processing based on legitimate interests, including profiling for personalisation or analytics.
- Portability: receive data in a structured, widely used, machine-readable format or request us to transfer it to another controller.
- Withdraw consent: change your marketing and cookie preferences at any time.
We aim to respond within one month (which may be extended by an additional two months for more complex requests) and may require proof of identity before proceeding.
You may raise a complaint with the Swiss FDPIC or your local EU supervisory authority if you are not satisfied with our response.
14. California Privacy Rights (CCPA/CPRA)
Residents of California can request details regarding the categories and specific pieces of personal information that have been collected, used, disclosed, or shared over the past 12 months.
You can request the deletion of personal information, subject to legal exceptions such as completing transactions or identifying security incidents.
You can opt out of any sale or sharing of personal information for cross-context behavioural advertising; use our cookie preferences or email privacy@hutterproducts.com.
We do not sell personal information for financial gain and do not knowingly process sensitive personal information for purposes beyond the limited, permitted uses.
We will not discriminate against you for exercising your CCPA/CPRA rights.
15. Sustainability and Data Minimisation
We design data flows that support transparent sustainability claims while gathering only the metrics necessary to validate eco-impact (e.g., recycled material percentages, lifecycle savings).
User-generated content is stored in organised workspaces with access controls, allowing teams to retain only relevant artwork and easily delete outdated files.
We regularly anonymise or aggregate sustainability analytics before sharing externally, ensuring that individual buyers or suppliers cannot be re-identified.
16. Children's Privacy
The marketplace is aimed at professionals and is not intended for children under 16 or the minimum age specified by local law.
We do not knowingly collect personal data from children. If you believe a minor has provided us with data, please contact us so we can delete it promptly.
17. Changes to This Policy
We update this policy to reflect new services, legal requirements, or feedback received.
We will announce material changes by email or in-platform notification at least 14 days before they take effect, unless legislation requires a quicker update.
We keep earlier versions available upon request, allowing you to monitor how our practices develop over time.
18. Contact and DPO
Email: privacy@hutterproducts.com (preferred channel for privacy rights and cookie preferences).
Postal: Data Protection Officer, Hutter Products GmbH, Lagerstrasse 12, 8004 Zurich, Switzerland.
Online: use the contact form at https://hutterproducts.com/contact for secure submissions.
Regulatory queries: authorities may reach our DPO at privacy@hutterproducts.com or call +41 71 723 12 18.
19. Frequently Asked Questions
- Q: Can I delete AI designs or uploaded artwork? A: Yes. You can remove files in your dashboard or request deletion via privacy@hutterproducts.com; backups will be purged within 30 days unless retention laws apply.
- Q: How do I opt out of marketing? A: Use the unsubscribe link in any message, update your preferences in your profile, or drop us an email. Transactional emails will still be sent when necessary.
- Q: What happens to sustainability data? A: Identifiable metrics remain within our secure systems and processors; public reports are based solely on aggregated or anonymised insights.
- Q: How does the cookie banner work? A: The banner captures detailed consent and allows you to revisit your choices at any time via the "Manage cookies" link.
- Q: What happens in the event of a breach? A: We adhere to a proven incident response plan and promptly inform affected users and relevant authorities, including suggested protective measures.